Cybersecurity Senior Engineer - SailPoint

About The Position

Requirements

• Bachelor’s degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience
• Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security
• Previous experience in leading complex IT projects

Nice To Haves

• 7+ years of progressive work experience in Cybersecurity and Identity & Access Management
• SailPoint & IGA Expertise
• Deep experience with SailPoint Identity Security Cloud (ISC) including:
• - Identity Lifecycle Management (JML)
• - Access certification campaigns
• - Lifecycle event handling and attribute-based rules
• Design and implementation experience (greenfield and complex migrations), not just administration
• Experience upgrading or migrating from OIM to ISC
• Strong experience building and optimizing connectors, including:
• Web Services / REST-based connectors
• Custom transforms, rules, and workflows
• API-driven integrations (REST, SOAP, SCIM) with:
• HR systems (Workday, SuccessFactors, ADP)
• Cloud platforms (Azure AD / Entra ID, AWS, )
• Enterprise applications (ServiceNow , Salesforce)
• Strong hands-on experience with:
• Segregation of Duties (SoD) policy design and enforcement
• Role modeling, role mining, and lifecycle governance
• Audit support (SOX, SOC, HIPAA, PCI, GDPR depending on your org)

Responsibilities

• Develop and maintain the technical IT/cyber capabilities including all phases of the software development lifecycle and software stack which includes threat modeling of application designs, static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST), and penetration testing.
• Participate in efforts related to designing, planning, enhancing, and testing all cybersecurity technologies used throughout the enterprise including base-lining current systems, trend analysis, and capacity planning as required for future systems requirements and new technologies.
• Participate in the analysis of information to determine, recommend, and plan the use of new technologies, or modifications to existing equipment and systems that will provide capability for proposed project or workload, efficient operation and effective use of allotted resources
• Participate in the implementation of new information security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff
• Take a new perspective on existing solutions to solve complex problems and exercise judgment based on the analysis (e.g. modeling, testing, etc.) of multiple sources of information.
• Provide technical support of information security technologies, providing problem analysis and resolution in a timely manner and explain and interpret complex, difficult, or sensitive information.
• Lead small cybersecurity projects with manageable risks and resource requirements; plays significant roles in larger, more complex initiatives.

Benefits

• All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position.
• Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
• Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
• Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.